Command & Control
- File system navigation
- Audio recording
- Screen capture
- Webcam monitoring
- Clipboard access
- Yandex Money
- Private data and credentials are compromised.
- Full access to file systems and services.
- Privacy violation due to compromise of peripheral devices like webcam and microphone.
- Adding the victims to the botnet to further the attack (DDoS) against potential targets.
- Enables attackers to make digital fingerprints of their victims.
- Corporate endpoints are exploited to gain access to internal networks.
- VPN access can be compromised via keylogging.
- Use EDR solutions to prevent such attacks.
- Cyber hygiene and user awareness are critical to enhance security.
- Beware of emails that come with suspicious attachments (Office doc/ PDF).